For months, there’s been a slow drip of US tech companies revealing the national security letters that are being sent to them by the FBI to demand user data without a warrant. Yesterday, Twitter posted a statement about two letters it received that are no longer restricted by a gag order.
The letters, from 2015 and 2016, demand data from users and notify the company that it is not allowed to discuss the order until an unspecific review in the future. US Associate General Counsel for Twitter Elizabeth Banker wrote that the gag order has been lifted and this is the first time the company is allowed to acknowledge the NSLs.
From Banker’s post:
We have provided each of the account holders with copies of the relevant NSLs (certain information redacted to protect privacy) as well as the account data we were compelled to produce. While the actual NSLs request a large amount of data, Twitter provides a very limited set of data in response to NSLs consistent with federal law and interpretive guidance from the US Department of Justice.
She went on to state that Twitter continues to be unsatisfied with the FBI process that restricts them from being transparent with users about the requests they receive. The social network is currently involved in a lawsuit, Twitter v. Lynch, that claims the US government is violating the First Amendment by not allowing companies to “respond to our users’ concerns and to the statements of US government officials by providing information about the scope of US government surveillance — including what types of legal process have not been received.”
According to Reuters, this whole process may violate the FBI’s own guidelines:
Each of the two new orders, known as national security letters (NSLs), specifically request a type of data known as electronic communication transaction records, which can include some email header data and browsing history, among other information.
In doing so, the orders bolster the belief among privacy advocates that the FBI has routinely used NSLs to seek internet records beyond the limitations set down in a 2008 Justice Department legal memo, which concluded such orders should be constrained to phone billing records.
A 2014 report from an FBI inspector general disagreed with that memo.
Andrew Crocker, a staff attorney at the Electronic Frontier Foundation, told Reuters “this is an ongoing practice and it is significantly beyond the scope of what is intended”. The EFF is currently involved in a lawsuit in the Ninth US Circuit Court of Appeals that challenges the constitutionality of national security letters. The next court date is set for March 20th.
Though “tens of thousands of NSLs are issued annually”, there have only been a few released to the public following the lifting of the gag order. In recent months, Cloudflare, Google, the Internet Archive and Yahoo have all published letters they have received.
Twitter will appear in court to pursue the Lynch case on February 14.